What is co-management?


Co-management is one of the primary ways to attach your existing Configuration Manager deployment to the Microsoft 365 cloud. It helps you unlock additional cloud-powered capabilities like conditional access.

In this module, you will learn to:

  • Articulate the benefits of co-management for device management.
  • Describe the workloads that are supported by co-management.
  • Explain how to implement conditional access.
  • Describe the remote actions available for co-managed devices.

Co-management enables you to concurrently manage Windows 10 devices by using both Configuration Manager and Microsoft Intune. It lets you cloud-attach your existing investment in Configuration Manager by adding new functionality. By using co-management, you have the flexibility to use the technology solution that works best for your organization.

When a Windows 10 device has the Configuration Manager client and is enrolled to Intune, you get the benefits of both services. You control which workloads, if any, you switch the authority from Configuration Manager to Intune. Configuration Manager continues to manage all other workloads, including those workloads that you don't switch to Intune, and all other features of Configuration Manager that co-management doesn't support.


When you concurrently manage Windows 10 devices with both Configuration Manager and Microsoft Intune, this configuration is called co-management. When you manage devices with Configuration Manager and enroll to a third-party MDM service, this configuration is called coexistence. Having two management authorities for a single device can be challenging if not properly orchestrated between the two. With co-management, Configuration Manager and Intune balance the workloads to make sure there are no conflicts. This interaction doesn't exist with third-party services, so there are limitations with the management capabilities of coexistence.

Benefits of co-management

Icon indicating play video Watch this video to learn more about how you can quickly drive new management value. Co-management is built to create features and tools you can use right now.

When you enroll existing Configuration Manager clients in co-management, you gain the following immediate value:

  • Conditional access with device compliance
  • Intune-based remote actions, for example: restart, remote control, or factory reset
  • Centralized visibility of device health
  • Link users, devices, and apps with Azure Active Directory (Azure AD)
  • Modern provisioning with Windows Autopilot
  • Remote actions